Thursday, July 12, 2018

Wapack Labs Keylogger Blacklist

TLP AMBER ANNOUNCEMENT:



Compromised Email Accounts
Reporting Period: July 9, 2018 

On 9 July 2018, Wapack Labs identified 154 unique email accounts compromised with keyloggers and used to log into mostly personal accounts and organizations. Attackers may be able to access not only email addresses but also financial, social media and other data.

Contact Wapack Labs for more information:
603-606-1246, or feedback@wapacklabs.com 

Action recommendation: Users should immediately place each of these email accounts in a block status in intrusion prevention systems. 

WWW.WAPACKLABS.COM

Wapack Labs Sinkhole Blacklist

TLP AMBER ANNOUNCEMENT:   
Reporting Period: July 9, 2018

Wapack Labs identified connections from 40,804 new unique IP addresses, which are checking in with one of the many Wapack Labs sinkhole domains.

Contact Wapack Labs for more information:
603-606-1246, or feedback@wapacklabs.com
 
Action recommendation: Users should immediately place each of these IP addresses in a monitor or block status in intrusion prevention systems. 

WWW.WAPACKLABS.COM
This TLP AMBER report is available only to Red Sky Alliance members.

Thursday, July 5, 2018

Wapack Labs Keylogger Blacklist

TLP AMBER ANNOUNCEMENT:


Compromised Email Accounts
Reporting Period: July 2, 2018 

On 2 July 2018, Wapack Labs identified 131 unique email accounts compromised with keyloggers and used to log into mostly personal accounts and organizations. Attackers may be able to access not only email addresses but also financial, social media and other data.

Contact Wapack Labs for more information:
603-606-1246, or feedback@wapacklabs.com 


Action recommendation: Users should immediately place each of these email accounts in a block status in intrusion prevention systems. 

WWW.WAPACKLABS.COM

Thursday, June 28, 2018

Wapack Labs Sinkhole Blacklist

TLP AMBER ANNOUNCEMENT:   
Reporting Period: June 26, 2018

Wapack Labs identified connections from 37,359 new unique IP addresses, which are checking in with one of the many Wapack Labs sinkhole domains.

Contact Wapack Labs for more information:
603-606-1246, or feedback@wapacklabs.com
 
Action recommendation: Users should immediately place each of these IP addresses in a monitor or block status in intrusion prevention systems. 

WWW.WAPACKLABS.COM
This TLP AMBER report is available only to Red Sky Alliance members.

Tuesday, June 26, 2018

Cyber Intelligence: Weaponizing the Blockchain; China's Restructure of its Cyber Forces, Webinars

If you are reading this post now, that means you missed the first session of three, Wapack Labs cyber intelligence report webinars. Four times a year Wapack Labs hosts Threat Days for our membership. And from time to time we share those cyber reports with the public.

We put together 3 sessions from our last Q2 Threat Day.

  • REDSHORTS Reporting - A collection of 5 to 10-minute reports on various cyber topics. From Satori Botnet GPON attacks to Russian APT activity. Too late you missed it, but you never know, if have requests we could re-broadcast. 

What you haven't missed:

  • Weaponizing the Blockchain Report - How can we detect and extract encoded data within the blockchain and encrypt our data to prevent unintended extraction.
  • China's Restructure of its Cyber Forces Report - A report that will answer these questions: Are the Chinese still a major cyber problem? What are the current Chinese organizations for cyber intrusion operations? What Chinese organization has the cyber attack mission?

Whats next? Have you been to our Wapack Labs Red Sky Alliance Small Business site? SBA is a free site and if you register not only do you get access to more Wapack reporting you also get access to Wapack analysts. We have a forum on the site, just made for all types of cyber questions and sharing. Give it a try.

Enjoy the webinars. Wapack Labs analysts work hard to get the best cyber intelligence.

Monday, June 25, 2018

Wapack Labs Keylogger Blacklist

TLP AMBER ANNOUNCEMENT:


Compromised Email Accounts
Reporting Period: June 25, 2018 

On 25 June 2018, Wapack Labs identified 6,647 unique email accounts compromised with keyloggers and used to log into mostly personal accounts and organizations. Attackers may be able to access not only email addresses but also financial, social media and other data.

Contact Wapack Labs for more information:
603-606-1246, or feedback@wapacklabs.com 


Action recommendation: Users should immediately place each of these email accounts in a block status in intrusion prevention systems. 

WWW.WAPACKLABS.COM

Thursday, June 21, 2018

Wapack Labs Keylogger Blacklist

TLP AMBER ANNOUNCEMENT:

Compromised Email Accounts
Reporting Period: June 18, 2018 

On 18 June 2018, Wapack Labs identified 480 unique email accounts compromised with keyloggers and used to log into mostly personal accounts and organizations. Attackers may be able to access not only email addresses but also financial, social media and other data.

Contact Wapack Labs for more information:
603-606-1246, or feedback@wapacklabs.com 


Action recommendation: Users should immediately place each of these email accounts in a block status in intrusion prevention systems. 

WWW.WAPACKLABS.COM

Wapack Labs Sinkhole Blacklist

TLP AMBER ANNOUNCEMENT:   
Reporting Period: June 18, 2018

Wapack Labs identified connections from 59,299 new unique IP addresses, which are checking in with one of the many Wapack Labs sinkhole domains.

Contact Wapack Labs for more information:
603-606-1246, or feedback@wapacklabs.com
 
Action recommendation: Users should immediately place each of these IP addresses in a monitor or block status in intrusion prevention systems. 

WWW.WAPACKLABS.COM
This TLP AMBER report is available only to Red Sky Alliance members.

Thursday, June 14, 2018

Wapack Labs Sinkhole Blacklist

TLP AMBER ANNOUNCEMENT:   
Reporting Period: June 11, 2018

Wapack Labs identified connections from 5,430 new unique IP addresses, which are checking in with one of the many Wapack Labs sinkhole domains.

Contact Wapack Labs for more information:
603-606-1246, or feedback@wapacklabs.com
 
Action recommendation: Users should immediately place each of these IP addresses in a monitor or block status in intrusion prevention systems. 

WWW.WAPACKLABS.COM
This TLP AMBER report is available only to Red Sky Alliance members.

Wapack Labs Keylogger Blacklist

TLP AMBER ANNOUNCEMENT:

Compromised Email Accounts
Reporting Period: June 11, 2018 

On 11 June 2018, Wapack Labs identified 283 unique email accounts compromised with keyloggers and used to log into mostly personal accounts and organizations. Attackers may be able to access not only email addresses but also financial, social media and other data.

Contact Wapack Labs for more information:
603-606-1246, or feedback@wapacklabs.com 


Action recommendation: Users should immediately place each of these email accounts in a block status in intrusion prevention systems. 

WWW.WAPACKLABS.COM

Thursday, June 7, 2018

Wapack Labs Sinkhole Blacklist

TLP AMBER ANNOUNCEMENT:   
Reporting Period: June 6, 2018

Wapack Labs identified connections from 879 new unique IP addresses, which are checking in with one of the many Wapack Labs sinkhole domains.

Contact Wapack Labs for more information:
603-606-1246, or feedback@wapacklabs.com
 
Action recommendation: Users should immediately place each of these IP addresses in a monitor or block status in intrusion prevention systems. 

WWW.WAPACKLABS.COM
This TLP AMBER report is available only to Red Sky Alliance members.

Wapack Labs Keylogger Blacklist

TLP AMBER ANNOUNCEMENT:

Compromised Email Accounts
Reporting Period: June 6, 2018 

On 6 June 2018, Wapack Labs identified 192 unique email accounts compromised with keyloggers and used to log into mostly personal accounts and organizations. Attackers may be able to access not only email addresses but also financial, social media and other data.

Contact Wapack Labs for more information:
603-606-1246, or feedback@wapacklabs.com 


Action recommendation: Users should immediately place each of these email accounts in a block status in intrusion prevention systems. 

WWW.WAPACKLABS.COM

Sunday, June 3, 2018

Wapack Labs Sinkhole Blacklist

LP AMBER ANNOUNCEMENT:   
Reporting Period: May 30, 2018

Wapack Labs identified connections from 753 new unique IP addresses, which are checking in with one of the many Wapack Labs sinkhole domains.

Contact Wapack Labs for more information:
603-606-1246, or feedback@wapacklabs.com
 
Action recommendation: Users should immediately place each of these IP addresses in a monitor or block status in intrusion prevention systems. 

WWW.WAPACKLABS.COM
This TLP AMBER report is available only to Red Sky Alliance members.

Wapack Labs Keylogger Blacklist

TLP AMBER ANNOUNCEMENT:
Compromised Email Accounts
Reporting Period: May 30, 2018 

On 30 May 2018, Wapack Labs identified 368 unique email accounts compromised with keyloggers and used to log into mostly personal accounts and organizations. Attackers may be able to access not only email addresses but also financial, social media and other data.

Contact Wapack Labs for more information:
603-606-1246, or feedback@wapacklabs.com 


Action recommendation: Users should immediately place each of these email accounts in a block status in intrusion prevention systems. 

WWW.WAPACKLABS.COM

Tuesday, May 29, 2018

Overcome Outdated Cyber Risk Processes & Compliance - Top 2 Events in Huntsville Alabama, Next Week

Huntsville, Alabama, is one of the nation's largest technological hubs. Home to Department of Defense organizations and civilian departments and agencies including DHS, NIST, NASA, TVA, NSA, and DOE. Looking for cyber risk and compliance solutions?  Next week there will be two cyber events, in Huntsville that will have the answers you are looking for:

National Cyber Summit, June 5-7, 2018

3rd Annual H2L & Wapack Labs 2018 Threat Symposium, June 5, 2018

Use the links above to register NOW for both of these events. Both offer a unique opportunity to network with your peers, find real solutions and learn new skills.


Highlights on the H2L & Wapack Labs Threat Symposium

  • KEYNOTE - Dr. Jim Armstrong |Former CIO of a Missile Defense Agency|
    Chinese Cyber Cycle & Technology Transfer Strategy
  • Stan Lozovsky |Vice President & COO, H2L Solutions, Inc.|
    Cyber in the National Guard
  • Jeff Stutzman, CISSP | Chief Intelligence Officer, Wapack Labs LLC|
    NIST Compliance
  • Jesse Burke | Advanced Cyber Analyst, Wapack Labs LLC|
    Weaponizing the Blockchain

See You There!

WWW.WAPACKLABS.COM